I want my telnet back!

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

I want my telnet back!

L0 Member

Don't get me wrong, I really like PAN-OS 5, but why did they take my favorite troubleshooting tool away?

The PA is the new device in our environment and if anything is not working all blame on the 'new guy'.

User claims: 'since we have the new firewall I can't get to webpage xyz anymore' 

Admin: A quick telnet from the PA to xyz on port 80 is timing out?

Admins answer: Sorry Sir, the webpage is either down or somebody upstream is blocking the access. Not even the firewall can get there.

Actually, if they re-enable it (the underlying BusyBox certainly still supports it) it would be really cool if we could specify a source interface like for ping and traceroute.

Am I the only one who's missing telnet or it it worth an RFE?

23 REPLIES 23

L3 Networker

<me being funny>

Good news, in light of all the PA customers input, PA had decided to replace telnet with nc in the next update! :smileydevil:

</me being funny>

Looks like we are getting nowhere with this according to my SE. Smiley Sad

/Jo Christian

Jochristian,

I talked to my SE and he confirmed that there is a pending RFE matching the suggestion of mikand.

He added me to that request and wanted to link this thread there as well.

So no telnet, but a connectivity testing utility.

Thanks

Ulli

Any news on what is planned now and how long it will take to implement the "telnet alternative"? I'm missing it badly too!

Telnet won't come back again according to my SE :smileyangry:

But still not a official answer on this...

Jo Christian

/Jo Christian

Not applicable

What a shame, that was really useful Smiley Sad

I hope that they look at the functionality of tracetcp (Win32) or LFT (Linux).

The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries.

I want tcpdump for all interfaces

Just throwing this one out there, but you can build a rule with specific source/destination traffic and then have the PA packet capture on that one specific rule:

I've used this and it works... it's kind of a "ghetto tcpdump" way of doing it. The packet captures show up in the Monitor tab with a green arrow next to them, just as though a Threat rule that had 'packet capture' turned on had matched.

  • 10518 Views
  • 23 replies
  • 3 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!